summaryrefslogtreecommitdiff
path: root/sys/arch/amd64
AgeCommit message (Expand)Author
2023-04-17Oops, ramdisk case should be -fcf-protection=noneTheo de Raadt
2023-04-17Enable Indirect Branch Tracking (IBT) for the kernelJonathan Gray
2023-04-17For future userland IBT, the sigcode needs to start with a endbr64.Theo de Raadt
2023-04-17The bootblocks are 32-bit binaries which use the ENTRY() macros which nowTheo de Raadt
2023-04-17IDTVEC_NOALIGN() was the incorrect way to create a label in two places,Theo de Raadt
2023-04-17Add endbr64 instructions to most of the ENTRY() macros.Theo de Raadt
2023-04-16compile regular kernels with -fcf-protection=branch, and ramdisks withTheo de Raadt
2023-04-16call default db_ktrap() with tf_err, not 0 for exception error codeJonathan Gray
2023-04-16Handle T_CP traps from userland by generating SIGILL, withPhilip Guenther
2023-04-16Both trap 21 (T_CP) and trap 17 (T_ALIGNFLT) supply an error codePhilip Guenther
2023-04-16vmm(4): save and restore Intel CET state on vm entry/exit.Dave Voutila
2023-04-15change trap16 from IDTVEC_NOALIGN to IDTVEC as it is now the firstJonathan Gray
2023-04-15add endbr defines and control protection trapJonathan Gray
2023-04-14vmm: NENTRY -> ENTRYDave Voutila
2023-04-14vmm(4): add NENTRY/END macros around asm functions.Dave Voutila
2023-04-14add VMX/VMCS defines for amd64 endbr64 featuresDave Voutila
2023-04-13pmap_copy() has never, ever, been implemented in any of the platforms OpenBSDMiod Vallat
2023-04-11fix double words in commentsJonathan Gray
2023-04-10spellingJonathan Gray
2023-04-02nable ngbe(4) on install media. Passes 'make release' build.Kevin Lo
2023-03-31Enable ngbe(4).Kevin Lo
2023-03-26amd64: identify IBT capability in cpu(4) dmesg linesMike Larkin
2023-03-19Aggressively randomize the location of the stack on all 64-bit architecturesMark Kettenis
2023-03-15store bios version, needed for amdgpu Steam Deck quirkJonathan Gray
2023-03-09workaround Intel Braswell/Cherry Trail mwait hangJonathan Gray
2023-03-08amd64: lapic_timer_rearm: don't reset mode, mask, divisorScott Soule Cheloha
2023-03-06In iskmemdev(), do not check for the minor of /dev/io. It has beenMiod Vallat
2023-02-23Remove dangerous user-settable "addr" variable from MI boot loader, andMiod Vallat
2023-02-11__syscall() is no longer neccessary since the system calls which neededTheo de Raadt
2023-02-04timecounting: remove incomplete PPS supportScott Soule Cheloha
2023-01-31amd64: lapic_timer_trigger: disable interrupts while configuring timerScott Soule Cheloha
2023-01-31On systems without xonly mmu hardware-enforcement, we can still mitigateTheo de Raadt
2023-01-30vmm(4): expose PKU cpuid bit if in use on host.Dave Voutila
2023-01-30part of a future diff snuck into the previous commitTheo de Raadt
2023-01-30vmm(4): save and restore guest pkru.Dave Voutila
2023-01-30We have determined that enough HV have correct PKU handling now,Theo de Raadt
2023-01-29sign another typoTheo de Raadt
2023-01-28Move some header definitions from vmm(4) to vmd(8).Dave Voutila
2023-01-28typo in commentTheo de Raadt
2023-01-20On cpu with the PKU feature, prot=PROT_EXEC pages now create pte whichTheo de Raadt
2023-01-19Revise implementation of pmap_protect(9) in preparation for execute-onlyMark Kettenis
2023-01-19Restrict vmm(4) exposed cpuid extended feature flags.Dave Voutila
2023-01-18change BIOSF_SMBIOS bit flag from 6 to 8Jonathan Gray
2023-01-17Simplify and clarify the implementation of the pmap_page_protect(9) API.Mark Kettenis
2023-01-17On amd64 machines without the NX feature enabled, we can't distinguishMark Kettenis
2023-01-16we spent far too long debugging a weird go library problem (incorrectTheo de Raadt
2023-01-16export PGK_VALUE so that .S files can use itTheo de Raadt
2023-01-163 new defines: he PTE protection key mask, the specific key value we useTheo de Raadt
2023-01-14Implement access to EFI variables and ESRT through an ioctl(2) interfaceMark Kettenis
2023-01-14add protection-key violation error code for page-fault exceptionsJonathan Gray